Proposal: Personal Data Encryption (maybe SoC?)

[Jim McDonald]

Joe Pfeiffer wrote:

[Encrypting data]
> We certainly want a global scheme -- but I think we do want a
> per-data-item granularity.  I've certainly got things on my phone
> whose protection I don't care about (shopping lists) and other things
> that have legal implications (notes on how various students' class
> presentations went).  I want to be able to choose "save this encrypted"
> vs. "save this", and then when I access data I've encrypted I have to
> enter the password.
>
>   
Yep but on the flipside if you have some data that you want encrypted 
then encrypting all of it won't do any harm (perhaps a slightly slower 
response time, and assuming some sort of key caching going on the 
occasional entering of a decryption token, perhaps on unlock and 'phone 
startup?).  Having to choose for each piece of data if it is encrypted 
or not, and having to handle that in every application individually, is 
a great example of where choice can be too much.  I think that having a 
single system-wide setting and handling it appropriately (and far enough 
down the stack so that applications don't have to worry about it) would 
provide a simple and uniform approach to this problem without 
continually asking the user to decide which data is to be encrypted and 
which not.

Cheers,
Jim.